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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

• If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

• Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1)D Responsive to communications) filed on . 

2a)D This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1 935 CD. 1 1 , 453 O.G. 21 3. 

Disposition of Claims 

4) ^ Claim(s) 1-12 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) [3 Claim(s) 1-12 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) ^ The drawing(s) filed on 06 July 2004 is/are: a)H accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . Claims 1-12 are pending for examination. 

2. Claims 1-12 are rejected. 

Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C 102 that form the 
basis for the rejections under this section made in this Office action: 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1(2) of such treaty in the English language. 

3. Claims 1-12 are rejected under 35 U.S.C 102(e) as being anticipated by Teal et al, U.S. 
Patent Application Publication US 2003/0120935 Al. 

4. As per claim 1; "An agent process for controlling access to digital assets in a data 
processing environment comprising [para. 0002-0106, figures 1-3 and associated descriptions]: 

sensing atomic level asset access events, the sensing step located within an operating 
system kernel within a user client device [para. 0002-0106, figures 1-3 and associated 
descriptions, whereas the trapping of calls to the operating system (i.e., para. 0038- 
0042,0061,0067,0074-0077) clearly encompasses the memory access functions (i.e., 
read/write/modify per se, both at the application level to the operating system levels/layers) in all 
associated address spaces, as broadly interpreted by the examiner.]; 
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aggregating multiple atomic level events to determine a combined event [para. 0002- 
0106, figures 1-3 and associated descriptions, whereas the trapping of calls to the operating 
system and subsequent logging/analysis/resulting operational restrictions on access (i.e., to 
applications execution per se), and system configuration functions (i.e., para. 0038-0045,0049- 
0051,0067-0075,0100-0106) clearly encompasses the "aggregating multiple atomic level events 
. . . combined event . . .", as broadly interpreted by the examiner.]; and 

asserting an encryption policy if a at least one combined event has occurred that matches 
a predefined digital asset usage risk policy [para. 0002-0106, figures 1-3 and associated 
descriptions, whereas the trapping of calls to the operating system and subsequent 
logging/analysis/resulting operational restrictions (i.e., encryption/authentication of code, etc.,) 
on access (i.e., to applications execution per se), and system configuration functions (i.e., para. 
0038-0051,0069-0072,0078-0106) clearly encompasses the "...encryption ... event has occurred 
. . . usage risk policy . . as broadly interpreted by the examiner.].". 

5. Claim 2 additionally recites the limitation that; "A process as in claim 1 wherein the step 
of asserting the encryption policy is implemented in an operating system kernel of the client user 
device.". 

The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system (clearly at the 
kernel level of the operating system) and subsequent logging/analysis/resulting operational 
restrictions (i.e., encryption/authentication of code, etc.,) on access (i.e., to applications 
execution per se), and system configuration functions (i.e., para. 0038-0051,0069-0072,0078- 
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0106) of both client/server, and network processing elements per se, clearly encompasses the 

. .encryption policy . . . kernel . . . client user device . . .", as broadly interpreted by the 
examiner.). 

6. Claim 3 additionally recites the limitation that; "A process as in claim 1 additionally 
comprising: 

encrypting an associated digital asset.". 
The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system and 
subsequent operational restrictions (i.e., encryption/authentication of code, etc.,) on access, and 
system configuration functions (i.e., para. 0038-0051,0069-0072,0078-0106) of both 
client/server, and network processing elements per se, clearly encompasses the ". . .encrypting an 
associated digital asset", as broadly interpreted by the examiner.). 

7. Claim 4 additionally recites the limitation that; "A process as in claim 1 wherein the 
combined event is a time sequence of multiple atomic level events.". 

The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls (i.e., inherently a real time sequence 
of "multiple atomic level events") to the operating system and subsequent operational 
restrictions, event logging, etc., on access, and system configuration functions (i.e., para. 
0008,0023-0024,0040-0041,0045,0051-0052,0067,0074-0080,0085-0089,0098-0106), clearly 
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encompasses the . .combined . . . time sequence of multiple . . . events", as broadly interpreted 
by the examiner.). 

8. Claim 5 additionally recites the limitation that; "A process as in claim 2 that operates 
independently of application software.". 

The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system and 
subsequent operational restrictions, event logging, etc., on access, and system configuration 
functions (i.e., para. 0037-0045,0051,0061,0067-0078,0100-0106), clearly encompasses the 
". . . independently of application software", as broadly interpreted by the examiner.). 

9. Claim 6 additionally recites the limitation that; "A process as in claim 1 wherein the 
sensing, 

aggregating, and 

asserting steps operate in real time.". 
The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls (i.e., inherently a real time sequence 
of "multiple atomic level events") to the operating system and subsequent operational 
restrictions, event logging, etc., on access, and system configuration functions (i.e., para. 
0008,0023-0024,0040-0041,0045,0051-0052,0067,0074-0080,0085,0089,0098-0106), clearly 
encompasses the "... sensing, aggregating, and asserting ... real time", as broadly interpreted by 
the examiner.). 
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10. Claim 7 additionally recites the limitation that; "A process as in claim 1 additionally 
comprising: 

determining a sensitivity of a particular digital asset in the asset access event; and 
adaptive encryption to the digital asset, optionally depending upon sensitivity of the 
particular digital asset 

The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system and 
subsequent operational restrictions (i.e., encryption/authentication of code, etc.,) on access, and 
system configuration functions (i.e., para. 0038-0051,0069-0072,0078-0106), and, whereas the 
sensitivity corresponds to security/encryption/keying levels, clearly encompasses the 

". . . sensitivity . . . asset . . . adaptive encryption sensitivity of the particular digital asset", as 

broadly interpreted by the examiner.). 

1 1 . Claim 8 additionally recites the limitation that; "A process as in claim 1 wherein the 
combined event specifies an action to be taken with the digital asset.". 

The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system and 
subsequent logging/analysis/resulting operational restrictions on access (i.e., to applications 
execution per se), and system configuration functions (i.e., para. 0038-0045,0049-0051,0067- 
0075,0100-0106) clearly encompasses the . . combined . . . action to be taken . . . asset . . .", as 
broadly interpreted by the examiner.). 
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12. Claim 9 additionally recites the limitation that; "A process as in claim 2 additionally 
comprising: 

at the client user device, applying encryption of the encryption policy specified the digital 
asset to be encrypted.". 

The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system and 
subsequent operational restrictions (i.e., encryption/authentication of code, etc.,) on access, and 
system configuration functions (i.e., para. 0038-0051,0069-0072,0078-0106), and, whereas the 
sensitivity corresponds to security/encryption/keying levels, clearly encompasses the ". . .client 
. . . encryption . . . policy specified . . . asset to be encrypted", as broadly interpreted by the 
examiner.). 

13. Claim 10 additionally recites the limitation that; "A process as in claim 9 additionally 
comprising: 

forwarding the digital asset to a second client use device; and 

asserting an encryption policy at the second client use device .". 
The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system (inclusive of 
client, client/server, networked per se configurations) and subsequent operational restrictions 
(i.e., software applications/assets in a 2 nd computer user space/memory, encryption, 
authentication of code, etc.,) on access, and system configuration functions (i.e., para. 0044- 
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0053,0062-0069,0084,0100-0106), clearly encompasses the "...forwarding ... second client 
. . . encryption policy . . . second client . . .", as broadly interpreted by the examiner.). 

14. Claim 1 1 additionally recites the limitation that; "A process as in claim 10 additionally 
comprising: 

applying decryption at the second client user device.". 
The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system (inclusive of 
client, client/server, networked per se configurations and functionality) and subsequent 
operational restrictions (i.e., software applications/assets in a 2 nd computer user space/memory, 
encryption, authentication of code, with subsequent decryption associated with said encryption, 
etc.,) on access, and system configuration functions (i.e., para. 0044-0053,0062-0069,0084,0100- 
0106), clearly encompasses the "... decryption . . . second client . . .", as broadly interpreted by 
the examiner.). 

15. Claim 12 additionally recites the limitation that; "A process as in claim 9 additionally 
comprising: 

forwarding the digital asset to a second client user device; and 

not asserting an encryption policy at the second client user device, so that if the 

encryption policy specifies encryption, the digital asset cannot be read at the second client user 

device.". 



Application/Control Number: 10/750,321 Page 9 

Art Unit: 2136 

The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system (inclusive of 
client, client/server, networked per se configurations) and subsequent operational restrictions 
(i.e., software applications/assets in a 2 nd computer user space/memory, encryption, 
authentication of code, etc.,) on access, and system configuration functions (i.e., para. 0044- 
0053,0062-0069,0084,0100-0106), whereas configuration of kernel software operational to effect 
the call servicing and resulting configuration of security and encryption policies clearly 
encompasses the ". . .forwarding . . . second client ... not asserting an encryption . . . second client 
. . . cannot be read at the second client user device. . .", as broadly interpreted by the examiner.). 
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Conclusion 



16. Any inquiry concerning this communication or earlier communications from examiner 
should be directed to Ronald Baum, whose telephone number is (571) 272-3861, and whose 
unofficial Fax number is (571) 273-3861. The examiner can normally be reached Monday 
through Friday from 8:00 AM to 5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh, can be reached at (571) 272-3795. The Fax number for the organization 
where this application is assigned is 703-872-9306. 



Ronald Baum 
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